23 Texas Government Agencies Knocked Offline in 'Coordinated Ransomeware Attack'

We may earn a commission from links on this page.
Image for article titled 23 Texas Government Agencies Knocked Offline in 'Coordinated Ransomeware Attack'
Photo: Associated Press

On Friday morning of last week, nearly two dozen state agencies across Texas reported having major computer issues. The state now believes that a single hacker is behind this crippling attack.

The Texas Department of Information Resources (DIR) said in a release on Friday that it is overseeing the response to a “coordinated ransomware attack” on several state agencies across the state. As of Saturday, DIR knew of 23 agencies that were affected in the attack, which the department believes was likely executed by a “single threat actor.”


DIR say it is working with many organizations to bring the systems back online, including the state’s Division of Emergency Management, military department, and Public Utility Commission, as well as the Federal Bureau of Investigation’s cyber unit and Federal Emergency Management


“Currently, DIR, the Texas Military Department, and the Texas A&M University System’s Cyberresponse and Security Operations Center teams are deploying resources to the most critically impacted jurisdictions,” DIR said in a statement.

DIR would not tell Gizmodo which agencies were affected in the attack. “At this time, we’re not yet naming impacted entities so as to not make them a target for other potential bad actors,” a DIR spokesperson said in an email.


This incident is just the latest of many recent ransomware attacks on municipalities and state agencies. In June, Riviera Beach, Florida, voted to pay criminals $600,000 in bitcoin to release the stranglehold the hackers gained on the city’s network after a police department worker opened an email attachment infected with malware. Days later Lake City, Florida, paid a bitcoin ransom of $460,000 to hackers that had attacked that city’s network.

In May, about 10,000 computers belonging to Baltimore’s city government were infected with RobbinHood ransomware, in an attack that is expected to cost the city millions of dollars. Last year, the city of Atlanta was hit in a SamSam ransomware attack, for which two Iranians hackers were indicted.


As the Next Web points out in its reporting of the Texas attack, a recent report from Malwarebytes, a cybersecurity company, showed the firm has been seeing a decrease in malware attacks on consumers and an increase in attacks on government agencies and businesses. According to its findings, ransomware detections for businesses increased 363 percent in the second quarter of 2019.